SQL Injection Vulnerabilities in Dairy Farm Shop Management System by MATRIXDEVIL
CVE-2023-41594

7.5HIGH

Key Information:

Vendor: PHPgurukul
Status: Dairy Farm Shop Management System
Vendor: CVE Published:; 8 September 2023

What is CVE-2023-41594?

The Dairy Farm Shop Management System, built with PHP and MySQL, has been found to exhibit significant SQL injection vulnerabilities specifically within its Login functionality. This occurs when malicious users can manipulate the Username and Password input fields to execute arbitrary SQL code, potentially compromising the system's database integrity and exposing sensitive information. As attackers exploit these vulnerabilities, it becomes crucial for users to implement security best practices and apply necessary patches to safeguard their applications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://portswigger.net/web-security/sql-injection

https://www.acunetix.com/vulnerabilities/web/sql-injection/

https://github.com/MATRIXDEVIL/CVE/blob/main/CVE-2023-41594

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 8, 2023
Vulnerability Reserved
Aug 30, 2023

JSON

PHPgurukul

What is CVE-2023-41594?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.